Use IFNAMSIZ instead of a magic value for the length of an interface

name.

Prevent the kernel from potentially overflowing the interface name
variable.  The size argument of strlcpy is complex because the name is
not null-terminated in sdl_data.
This commit is contained in:
Brooks Davis 2004-01-27 01:43:14 +00:00
parent 37c2cbe308
commit a4fa9864bf
2 changed files with 5 additions and 4 deletions

View File

@ -113,7 +113,7 @@ struct in6_aliasreq in6_addreq =
struct sockaddr_in netmask;
struct netrange at_nr; /* AppleTalk net range */
char name[32];
char name[IFNAMSIZ];
int flags;
int setaddr;
int setipdst;
@ -596,8 +596,9 @@ main(int argc, char *argv[])
addrcount++;
next += nextifm->ifm_msglen;
}
strncpy(name, sdl->sdl_data, sdl->sdl_nlen);
name[sdl->sdl_nlen] = '\0';
strlcpy(name, sdl->sdl_data,
sizeof(name) <= sdl->sdl_nlen ?
sizeof(name) : sdl->sdl_nlen + 1);
if (all || namesonly) {
if (uponly)

View File

@ -36,7 +36,7 @@
extern struct ifreq ifr;
extern char name[32]; /* name of interface */
extern char name[IFNAMSIZ]; /* name of interface */
extern int allmedia;
extern int supmedia;
struct afswtch;